VXUG-Papers
Research code & papers from members of vx-underground. (by vxunderground)
pafish
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do (by a0rtega)
| VXUG-Papers | pafish | |
|---|---|---|
| 2 | 17 | |
| 1,186 | 3,577 | |
| 3.0% | 2.2% | |
| 3.2 | 0.0 | |
| over 3 years ago | 9 months ago | |
| C | C | |
| - | GNU General Public License v3.0 only |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
VXUG-Papers
Posts with mentions or reviews of VXUG-Papers.
We have used some of these posts to build our list of alternatives
and similar projects.
pafish
Posts with mentions or reviews of pafish.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-12-02.
-
Is there still a way to counter virtual machine detection by popular anti cheat?
Pafish is what you asking for, but as u/ForceBlade wrote, you cannot win this game.
-
How to play rainbow 6 siege?
You can do it however that requires extensive Research. There are Things such as https://github.com/a0rtega/pafish That Help you get the First detection vectors sorted. However hate to say it but youll be better off actually coding a "Cheat" that Patches the vm Checks the Game does in Order to Play.
-
Makes perfect sense
Yes. For example: https://github.com/a0rtega/pafish
-
I came again to bother you guys
You can check what thing are detected by using -> https://github.com/a0rtega/pafish Normally VM Exit and Virtual Input devices are detected. But it still works for 99% of the games.
-
Error on BattlEye when getting into bus
I have been working on obfuscating my vm, the results are mixed... A good start is to use paranoid fish , tools gives you an idea how it detects vm's :)
-
VMware Shared Folders
So I suppose that it depends on the malware. Some malware doesn't want to take the chance of being reverse engineered, so when it's aware that it is in a virtual machine, it might shut down. pafish has functionality for working out whether-or-not it is running in a VMware instance.
-
VFIO current status with anti cheats?
Last time when I tried to run Valorant just BSoD the VM Everything else works (EAC, BE, Ricochet, etc...). You can test if your VM can be detected using this tool.
- Virtualization hypervisors what the heck...
-
Gaming VM under nested virtualization
Does soft as pafish https://github.com/a0rtega/pafish will detect RDTSC VM exit on wraped WinVM?
-
Does Windows think I'm running on VM? Not sure where to look.
You can use pafish to test vm detection methods. https://github.com/a0rtega/pafish
What are some alternatives?
When comparing VXUG-Papers and pafish you can also consider the following projects:
neurax - A framework for constructing self-spreading binaries
VmwareHardenedLoader - Vmware Hardened VM detection mitigation loader (anti anti-vm)
pe - A :zap: lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.
RDTSC-KVM-Handler - my patches for linux kernel to spoof rdtsc and make vm exit undetected
Coldfire - Golang malware development library
opencanary - Modular and decentralised honeypot